Codebase list matrix-synapse / debian/1.30.0-1 debian / matrix-synapse.service
debian/1.30.0-1

Tree @debian/1.30.0-1 (Download .tar.gz)

matrix-synapse.service @debian/1.30.0-1raw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
[Unit]
Description=Synapse Matrix homeserver
ConditionPathExists=/etc/matrix-synapse/conf.d/server_name.yaml
Documentation=file:/usr/share/doc/matrix-synapse/README.rst

[Service]
Type=simple
User=matrix-synapse
WorkingDirectory=/var/lib/matrix-synapse
EnvironmentFile=/etc/default/matrix-synapse
ExecStartPre=/usr/bin/python3 -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys
ExecStart=/usr/bin/python3 -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/
Restart=on-failure
RestartSec=3
SELinuxContext=system_u:system_r:matrixd_t:s0

# sandboxing
ConfigurationDirectory=matrix-synapse
LockPersonality=yes
LogsDirectory=matrix-synapse
NoNewPrivileges=yes
PrivateDevices=yes
PrivateTmp=yes
ProtectControlGroups=yes
ProtectHome=read-only
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictRealtime=yes
StateDirectory=matrix-synapse
SystemCallArchitectures=native

[Install]
WantedBy=multi-user.target